Просмотр файла NuclearCMS_v.1.0.0/forum/include/stena.php

Размер файла: 12.71Kb
<?php
if($authorize) {
if(empty($_GET['stenid']))
{
$sten = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE username='".$username."'"));
$stenid=$sten['id'];
} else {
$stenid=intval($_GET['stenid']);
}
switch($_GET['d'])
{
default:
$num = mysql_query("SELECT * FROM `users` WHERE `id`='$stenid'");
$array = mysql_fetch_array($num);
$usersten=$array['username'];
if($version == "xhtml")
{
$thisPageSize = 1500;
}
else
{
$thisPageSize = 1500;
}
if($version == "wml")
{
header("content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Личная стена ".$usersten).$tag);
echo('<a href="./?p=29&amp;d=1&amp;stenid='.$stenid.'&amp;sid='.$sid.'&amp;v=wml">Написать на стене</a><br />
<a href="./?p=29&amp;v=wml&amp;sid='.$sid.'&amp;rnd='.$ref."\">Начало</a><br /><br />\r\n");
if( isset($_GET['clear']) AND ($username == $usersten))
{
echo("Вы уверены, что хотите удалить все сообщения?\r\n");
echo("<a href='./?p=29&amp;stenid=".$stenid."&amp;d=4&amp;v=wml&amp;sid=$sid'>Да</a> | <a href='./?p=29&amp;stenid=".$stenid."&amp;v=wml&amp;sid=$sid'>Нет</a><br />\r\n");
}
$sql = "SELECT *
FROM stena
WHERE stenid  = '".$stenid."' 
ORDER BY `id` DESC ";
$count = mysql_num_rows(mysql_query($sql));
$start = intval($_GET['s']);
if(!empty($start))
{
$limit = "LIMIT ".$start.", ".abs($count - $start);
$int = $start;
}
else
{
$int = 0;
}
$sql .= $limit;
$query = mysql_query($sql);
while($mess = mysql_fetch_assoc($query))
{
static $s;
echo(date("d.m H:i", $mess['time']).']');
if($mess['mod'] == "o" AND preg_match("|^$username|iu", $mess['name']))
{
echo("<b>Я</b>");
if($username == $usersten OR ($status == "moderator" or $status == "admin")){
echo(' <a href="./?p=29&amp;id='.$mess['id'].'&amp;v='.$version.'&amp;sid='.$sid."&amp;d=5\">X</a>\r\n");
}
echo("<br />\r\n");
}
else
{
echo("<b><a href=\"./?p=24&amp;v=wml&amp;sid=".$sid."&amp;d=1&amp;uid=".username2id($mess['name'])."\">".$mess['name']."</a></b>");
if($username == $usersten OR ($status == "moderator" or $status == "admin")){
echo(' <a href="./?p=29&amp;id='.$mess['id'].'&amp;v='.$version.'&amp;sid='.$sid."&amp;d=5\">X</a>\r\n");
}
echo("<br />\r\n");
}
echo(nl2br($mess['mess'])."<br />\r\n");
$int++;
$s += strlen($mess['time'].$mess['name'].$mess['name'].$mess['mess']);
if($s + $thisPageSize + (110 * abs($int - $start)) > $pageSize)
{
if($int != $count)
{
$next = $int;
}
break;
}
}
echo("- - - - <br />\r\n");
if(!empty($next))
{
echo("<a accesskey=\"3\" href=\"" . $_SERVER['PHP_SELF'] . "?p=29&amp;stenid=".$stenid."&amp;v=wml&amp;sid=".$sid."&amp;s=".$next."\">Дальше...(3)</a><br />\r\n");
}
if($usersten == $username){
echo("<a href='./?p=29&amp;stenid=".$stenid."&amp;sid=$sid&amp;v=wml&amp;clear=1'>Очистить личную стену</a><br />\r\n");
}
echo("<a href=\"./?p=0&amp;v=wml&amp;sid=".$sid."\" accesskey=\"1\">В форум (1)</a>\r\n");
echo($tagC."</p></card></wml>");
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Личная стена '.$usersten.'</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Личная стена '.$usersten.'</b></font>
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
<a href="./?p=29&amp;d=1&amp;stenid='.$stenid.'&amp;v=xhtml&amp;sid='.$sid.'">Написать на стене</a><br />
<a href="./?p=29&amp;stenid='.$stenid.'&amp;v=xhtml&amp;sid='.$sid.'&amp;rnd='.$ref.'">Начало</a><br />');
if( isset($_GET['clear']) AND $usersten == $username)
{
echo("Вы уверены, что хотите удалить все сообщения?\r\n");
echo("<a href='./?p=29&amp;stenid=".$stenid."&amp;d=4&amp;v=html&amp;sid=$sid'>Да</a> | <a href='./?p=29&amp;stenid=".$stenid."&amp;v=html&amp;sid=$sid'>Нет</a><br />\r\n");
}
echo($tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag);
$sql = "SELECT *
FROM stena
WHERE stenid  = '".$stenid."' 
ORDER BY `id` DESC ";
$count = mysql_num_rows(mysql_query($sql));
$start = intval($_GET['s']);
if(!empty($start))
{
$limit = "LIMIT ".$start.", ".abs($count - $start);
$int = $start;
}
else
{
$int = 0;
}
$sql .= $limit;
$query = mysql_query($sql);
while($mess = mysql_fetch_assoc($query))
{
static $s;
echo(date("d.m H:i", $mess['time']).']');
if($mess['mod'] == "o" AND preg_match("|^$username|iu", $mess['name']))
{
echo("<b>Я</b>");
if($username == $usersten OR ($status == "moderator" or $status == "admin")){
echo(' <a href="./?p=29&amp;id='.$mess['id'].'&amp;v='.$version.'&amp;sid='.$sid."&amp;d=5\">X</a>\r\n");
}
echo("<br />\r\n");
}
else
{
echo("<b><a href=\"./?p=24&amp;v=xhtml&amp;sid=".$sid."&amp;d=1&amp;uid=".username2id($mess['name'])."\">".$mess['name']."</a></b>");
if($username == $usersten OR ($status == "moderator" or $status == "admin")){
echo(' <a href="./?p=29&amp;id='.$mess['id'].'&amp;v='.$version.'&amp;sid='.$sid."&amp;d=5\">X</a>\r\n");
}
echo("<br />\r\n");
}
echo(nl2br($mess['mess'])."<br />\r\n");
$int++;
$s += strlen($mess['time'].$mess['name'].$mess['name'].$mess['mess']);
if($s + $thisPageSize + (110 * abs($int - $start)) > $pageSize)
{
if($int != $count)
{
$next = $int;
}
break;
}
}
echo($tagC.'</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td>'.$tag);
if(!empty($next))
{
echo("<a href=\"" . $_SERVER['PHP_SELF'] . "?p=29&amp;stenid=".$stenid."&amp;v=xhtml&amp;sid=".$sid."&amp;s=".$next."\">Дальше...</a><br />\r\n");
}
if($usersten == $username){
echo("<a href='./?p=29&amp;stenid=".$stenid."&amp;sid=$sid&amp;v=xhtml&amp;clear=1'>Очистить личную стену</a><br />\r\n");
}
echo("<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">В форум</a>\r\n");
echo($tagC.'</td></tr></table>
</body></html>');
}
if($usersten == $username){
mysql_query("UPDATE stena SET s=0 WHERE stenid='".$stenid."'");
}
break;
case 1:
$sten = mysql_query("SELECT * FROM users WHERE id = '".$stenid."'");
$stenrow = mysql_fetch_array($sten);
$usersten=$stenrow['username'];
if($version == "wml")
{
header("content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Личная стена ".$usersten).$tag);

echo("<br />" . $tag."Сообщение:".$tagC." <input type=\"text\" name=\"mess\" /><br />
<anchor>[Написать на личной стене]
<go href=\"./?p=29&amp;stenid=".$stenid."&amp;v=wml&amp;sid=".$sid."&amp;d=2\" method=\"post\">
<postfield name=\"mess\" value=\"$(mess)\" />
<postfield name=\"stenid\" value=\"$(stenid)".$stenid."\" />
</go></anchor><br />
".$tag."- - - - <br />
<anchor>Назад<prev /></anchor><br />
<a href=\"./?p=29&amp;stenid=".$stenid."&amp;v=wml&amp;sid=".$sid."&amp;rnd=".$ref."\">Стена</a>
".$tagC."</p>
</card></wml>");
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Личная стена '.$usersten.'</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="./?p=29&amp;stenid='.$stenid.'&amp;v=xhtml&amp;sid='.$sid.'&amp;d=2" method="post">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr bgcolor="'.$style['title'].'"><td align="center" colspan="2">
<font color="#FFFFFF"><b>Личная стена '.$usersten.'</b></font>
<tr bgcolor="'.$style['bottom'].'">
<td colspan="2">');
echo("<tr bgcolor=\"".$style['text']."\"><td>
".$tag."Сообщение:".$tagC."</td><td><textarea name=\"mess\" cols=\"30\" rows=\"5\"></textarea></td></tr>
<tr bgcolor=\"".$style['text']."\"><td align=\"center\" colspan=\"2\">
".$hidden."
<input type=\"submit\" value=\"Написать на личной стене\" /></td></tr>
<tr bgcolor=\"".$style['bottom']."\"><td colspan=\"2\">
$tag");
echo("
<a href='javascript:history.back(1)'>Назад</a><br/>
<a href=\"./?p=29&amp;stenid=".$stenid."&amp;v=xhtml&amp;sid=".$sid."&amp;rnd=".$ref."\">Стена</a>  $tagC
</td></tr></table>
</form>
</body></html>");
}
break;
case 2:
$mess = $_POST['mess'];
if($transl == "on")
{
$mess = translate($mess);
}
$mess = preg_replace("|[\r\n]+|", " \r\n", $mess);
$mess = preg_replace("|[\n]+|", "\n", $mess);
$mess = sql(htmlspecialchars(trim(cutString($mess, 1024))));
$mess = preg_replace_callback("|&lt;(\d{1,20})&gt;|", "smile", $mess);
if($status == "admin" or $starus == "moderator")
{
$mess = preg_replace("|\[url=(.*)\](.*)\[/url\]|is", "<a href=\"go/?\\1\">\\2</a>", $mess);
$mess = preg_replace("|\[b\](.*)\[/b\]|i", "<b>\\1</b>", $mess);
$mess = preg_replace("|\[i\](.*)\[/i\]|i", "<i>\\1</i>", $mess);
}
if(strpos($mess, "http://") !== false)
{
if($status == "admin" or $starus == "moderator")
{
$mess = preg_replace("|\[url=(.*)\](.*)\[/url\]|is", "<a href=\"go/?\\1\">\\2</a>", $mess);
}
$mess = preg_replace("|(http://[^\s]+)|i", "<a href=\"go/?\\1\">\\1</a>", $mess);
}
////////////////////////////////////////////////////////Антифлуд
$R = mysql_query("SELECT * FROM `stena`
WHERE `stenid`='".$stenid."'");
$aR = mysql_fetch_array($R);
$messR=$aR['mess'];
////////////////////////////////////////////////////////
if($status == "admin") $ip = "127.0.0.1"; else $ip = empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['REMOTE_ADDR'] : $_SERVER['HTTP_X_FORWARDED_FOR'] ;
$ip = htmlspecialchars(sql($ip));
if($status == "admin") $user = "Admin"; else $user = htmlspecialchars(sql($_SERVER['HTTP_USER_AGENT']));
if(ban($username, $user, $ip))
{
				if($version == "wml")
				{
				header('Content-type: text/vnd.wap.wml; charset=utf-8');
				header("Cache-Control: no-cache");
				echo(doctype("Ошибка").$tag.'
Ошибка! Вы заблокированы модератором '.$modername.'. <br />
Причина: '.$banmess.'! <br />
-
<a href="'.$_SERVER['HTTP_REFERER'].'">Назад</a><br />
<a href="./?p=0&amp;v=wml&amp;sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
			} elseif($version == "xhtml")
				{
					header("Content-type: text/html; charset=utf-8");
					header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
   header("Cache-Control: no-cache, must-relative");
					echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr align="center" bgcolor="'.$style['title'].'"><td colspan="2">
<font color="#FFFFFF"><b>Ошибка</b></font>
<tr bgcolor="'.$style['text'].'"><td colspan="2">'.$tag.'Вы заблокированы модератором '.$modername.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Причина:'.$tagC.'</td><td>'.$tag.$banmess.$tagC.'</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">'.$tag.'
<a href="./?p=0&amp;v=xhtml&amp;sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</body></html>');
				}
}
else
{
if(!empty($_POST['mess']) && strtolower($mess) != strtolower($messR))
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM stena WHERE name='".$username."'"), 0) > 30)
{
mysql_query("DELETE FROM stena WHERE name='".$username."' ORDER BY id LIMIT 1");
}

mysql_query("INSERT INTO stena VALUES(0, '".$mess."', '".$stenid."', '".$username."', ".time().", '1')");

}
header("Location: ".$_SERVER['PHP_SELF'].'?p=29&stenid='.$stenid.'&v='.$version.'&sid='.$sid.'&rnd='.$ref);
}
break;
case 4:
$num = mysql_query("SELECT * FROM `users` WHERE `id`='$stenid'");
$array = mysql_fetch_array($num);
$usersten=$array['username'];
if($username == $usersten){
mysql_query("DELETE FROM stena WHERE stenid = '$stenid'");
}
header("Location: ".$_SERVER['PHP_SELF'].'?p=29&stenid='.$stenid.'&v='.$version.'&sid='.$sid.'&rnd='.$ref);
break;
case 5:
if($username == $usersten OR ($status == "moderator" or $status == "admin")){
	if(!mysql_result(mysql_query("SELECT COUNT(*) FROM `stena` WHERE `id`=".intval($_GET['id'])), 0))
		{
			header("Location: ".$forumdir.'p=29&v='.$version.'&sid='.$sid.'&stenid='.$_GET['stenid'].'&s='.$_GET['s']);
		} else
		{
		mysql_query("DELETE FROM `stena` WHERE `id`=".intval($_GET['id']));
		header("Location: ".$forumdir.'p=29&v='.$version.'&sid='.$sid.'&stenid='.$_GET['stenid'].'&s='.$_GET['s']);
		}
}
break;
}
}
?>